Our trust in specific symmetric primitives relies on their ability to resist all known cryptanalytic attacks. Therefore, cryptanalysis is the only proper way to evaluate their security. In this paper, we investigate the behavior of symmetric primitives in the quantum world. This requires to extend the toolkit of symmetric cryptanalysis to the quantum setting, eventually including new attacks. W...

This paper considers the security of iterated block ciphers against the di erential cryptanalysis introduced by Biham and Shamir Di erential cryptanalysis is a chosen plaintext attack on secret key block ciphers that are based on iterating a cryptographically weak function r times e g the round Data Encryption Standard DES It is shown that the success of such attacks on an r round cipher depend...

Since the proposal of differential cryptanalysis and linear cryptanalysis in 1991 and 1993, respectively, the resistance to these cryptanalysis has been studied. In FSE2, Knudsen proposed a method of attacking block ciphers that used the higher order differential, and in FSE4, Jakobsen and Knudsen applied it to a cipher proposed by Nyberg and Knudsen. Their approach, however, requires large com...

This paper observes the cryptanalysis of the Telecommunications Industry Association’s Cellular Message Encryption Algorithm (CMEA). The CMEA has been widely used for wireless security and the breaking of the scheme proves the requirement of alternatives. In the current paper, the properties of CMEA which have lead to the successful cryptanalysis, have been identified. Accordingly the algorithm...

In this article the immunity of ElGamal and related signature schemes against fault cryptanalysis (FA) is examined. Although such schemes have been widely adopted, their resistance against fault cryptanalysis has not been verified in detail. Majority of those schemes are not immune to fault cryptanalysis and can be broken without solving discrete logarithm problem. It will be proved that the se...

This paper shows how a well-balanced trade-off between a generic workstation and dumb but fast reconfigurable hardware can lead to a more efficient implementation of a cryptanalysis than a full hardware or a full software implementation. A realistic cryptanalysis of the A5/1 GSM stream cipher is presented as an illustration of such trade-off. We mention that our cryptanalysis requires only a mi...

Hash function cryptanalysis has acquired many methods, tools and tricks from other areas, mostly block ciphers. In this paper another trick from block cipher cryptanalysis, the structures, is used for speeding up the collision search. We investigate the memory and the time complexities of this approach under different assumptions on the round functions. The power of the new attack is illustrate...

Cryptanalysis of knapsack cipher is a fascinating problem which has eluded the computing fraternity for decades. However, in most of the cases either the time complexity of the proposed algorithm is colossal or an insufficient number of samples have been taken for verification. The present work proposes a Genetic Algorithm based technique for cryptanalysis of knapsack cipher. The experiments co...